"The Portable Linux Apps project brings the ideal of "1 app, 1 file" to Linux. Applications are able to run on all major distributions irrespective of their packaging systems - everything the application needs to run is packaged up inside of it. There are no folders to extract, dependencies to install or commands to enter: "Just download, make executable, and run!"" A follow-up article describes how it works, and how to transform debian packages into AppImages. The packages don't include libraries, so the system won't need to update the same library in each individual app.

Then there is a fatal security flaw unveiled in this library. The user will then have to update each application that uses the library instead of just a library packages...

Security flaws are rarely in libraries, and the entire updating system could be automated.

There is also a major security flaw with the shared library system in that an application cannot immediately patch itself. We've seen seen this plenty of times with Firefox where the Windows and OSX versions were patched faster.

Why not throw all rational thought away and just all link static instead of dynamic.

I wouldn't call the current system rational when:

1. Dependency issues can break programs.

2. Dependency issues can require an OS update just to run a newer version of a program.

3. Program files are allowed to be scattered across the system.

4. The entire system requires far more labor via package maintenance compared to systems where programs and libraries are independent.

5. It increases porting costs for ISVs

You know it was one thing to defend the status quo back in 2001 but when Linux has been at 1% since then I say it is time to give the reformers a chance. The status quo isn't working.

You know who the status quo works for? Microsoft. When you work against the reformers you keep Linux exactly where Microsoft wants it to be.